As mentioned earlier, Datacenter-specific firewall rules affect all resources, such as cluster, nodes, and virtual machines. Any rules created in this zone are cascaded to both hosts and VMs. This zone is also used to fully lock down a cluster to drop all incoming traffic and then only open what is required. In a freshly installed Proxmox cluster, the Datacenter-wide firewall option is disabled.
CAUTION! Attention must be given to this section to prevent full cluster lock out.
The following screenshot shows the firewall option for the Datacenter zone through the Options tab by navigating to Datacenter | Firewall | Options:
As we can see, in the preceding ...